Defining the Enterprise


Enterprise:  The  enterprise  includes  the  systems,  people  and 
data  that  work  together  to  support  a  mission. 


Enterprise  Services:  Enterprise  Services  are  the  collection  of 
IT  services  that  are  performed  in  a  centralized  manner  over 
the  distributed  enterprise  resources. 


Enterprise Security: Securing the enterprise components, including infrastructure, data and applications, within the boundaries of the enterprise.
Elements of Enterprise Security Management

The  main  Elements  of  Enterprise  Security  Management  are: 

•  Identity  Management 

•  Attribute  Management 

•  Credential  Management 

•  Privilege  Management 

•  IA  Meta  Data  Management 

•  Digital  Policy  Management 

•  IA  Configuration  Management 

•  IA  Audit  Management 

•  Cryptographic  Key  Management 
ISE for Multi Agency Collaboration

[Figure: Information Sharing Environment Enterprise Architecture Framework]
CDS Vision

• Cross Domain Enterprise Services Vision Statement: Secure and seamless cross domain services available when and where the customer's mission requires
Types Of CDS


•  Transfer:  Facilitate  the 
transfer  of  information 
between  different  security 
domains 

•  Access:  User  access  (to  apps 
&  data)  to  multiple  domains 
from  a  single 
keyboard/video/mouse 

•  Multi  Level:  Label-aware 
management  of  data 
labeled  at  various  security 
levels 
Common CD Functions

Hidden  Data  detection  &  exposure 
Search  for  encrypted  messages 
Reliable  Human  Review  (RHR) 

Specialized  content  filtering 
Anti-Virus  and  Malicious  Code  Detection 
Data  blocking  like  firewalls 
Cryptographic  devices 

Downgrading  -  change  classification  without 
changing  data  content 


Common CD Functions (Cont)

Prevent  leakage  of  data  from  the  high  side  to  the  low 
side 

Defend  against  attacks  (DoS,  Malicious  contents,...) 

Filtering - eliminate data based on pre-defined criteria (e.g., specific data type, classification)

Keyword Search - search for "dirty words" (the "dirty words check")

Integrity  Checks  -  verify  that  data  has  not  been 
modified 


Sanitization  -  remove  or  edit  portions  of  text  that  are 
sensitive  so  that  resulting  data  is  less  sensitive. 
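
The following added example (not part of the original slides) composes several of the functions listed above, namely the integrity check, hidden data detection, keyword search, sanitization and routing of a downgrade to Reliable Human Review, into one transfer decision. The level names, dirty-word list, grid-reference pattern and message fields are assumptions constructed for illustration.

```python
import hashlib
import re

# Assumed label ordering; the slides name no specific levels.
LEVELS = {"LOW": 0, "HIGH": 1}
# Constructed dirty-word list; a real guard loads a managed, approved list.
DIRTY_WORDS = {"nightfall", "bluebird"}
# Constructed sanitization rule: redact tokens shaped like a grid reference.
GRID_REF = re.compile(r"\b\d{2}[A-Z]{3}\d{6,10}\b")
# Invisible characters that can carry hidden data or split a keyword.
HIDDEN = re.compile("[\u200b-\u200d\u2060\ufeff\u202a-\u202e]")


def digest(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def guard(msg, dest):
    """Decide one transfer; returns (decision, text_or_None, reasons)."""
    body, label = msg["body"], msg.get("label")
    # Fail closed on missing or unknown labels.
    if label not in LEVELS or dest not in LEVELS:
        return "BLOCK", None, ["label: missing or unknown"]
    # Integrity check: body must match the digest recorded at the source.
    if digest(body) != msg.get("sha256"):
        return "BLOCK", None, ["integrity: digest mismatch"]
    reasons = []
    # Hidden data detection runs alongside keyword search so that a keyword
    # split by invisible characters is still reported, not silently missed.
    if HIDDEN.search(body):
        reasons.append("hidden data: invisible characters")
    hits = sorted(set(re.findall(r"[a-z0-9]+", body.lower())) & DIRTY_WORDS)
    if hits:
        reasons.append("dirty words: " + ", ".join(hits))
    if reasons:
        return "BLOCK", None, reasons
    # Sanitization: remove the sensitive portions, keep the rest.
    clean, n = GRID_REF.subn("[REDACTED]", body)
    if n:
        reasons.append(f"sanitized: {n} field(s) redacted")
    # High-to-low needs a downgrade decision: queue for Reliable Human Review.
    if LEVELS[label] > LEVELS[dest]:
        return "REVIEW", clean, reasons + ["downgrade: human review required"]
    return "RELEASE", clean, reasons


def make(body, label):
    """Build a constructed sample message with its source-side digest."""
    return {"body": body, "label": label, "sha256": digest(body)}


# Constructed sample: a HIGH message requested for release to LOW.
SAMPLE = make("Convoy departs at 0600 from grid 18SUJ2337106519.", "HIGH")
```

The guard never releases high-side data to the low side on its own: the best automatic outcome for a high-to-low request is a sanitized copy queued for review.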
Centralized to Integrated

Issues in Building a Common CD Enterprise

•  Lack  of  acceptable  cost  model 

•  Dealing  with  variations  of  data  Types  and  Priorities 

•  Developing  common  infrastructure  capabilities 

•  Dealing  with  application  versions  including  VoIP,  IP 
version. 

•  Maintaining  the  required  QoS  for  application  to 
efficiently  function 

•  Finding  an  equivalent  model  for  the  commercial  SLA 

• Developing an acceptable model for Enterprise Management
Objective of Resulting Architecture

[Figure labels: Native SOA CD Application; Non-SOA Wrapped CD Application (for Legacy components)]
The CD Enterprise includes new and legacy Systems


Translating  the  identified  cross  domain 
enterprise  services  (CDES)  Capability 
Objectives  into  High-Level  CD 
Requirements 

Developing  an  evolving  Architecture  for 
the  CDES 

Developing  a  comprehensive  maintenance 
and  upgrade  plan  for  the  enterprise 

Understanding  the  evolving  Constituent 
Systems  and  Relationships 

Increasing  the  extent  to  which  CDES 
Performance  Meets  Capability  Objectives 
over  Time 

Monitoring  and  assessing  potential 
environmental  effects  and  impacts  of 
changes  on  CDES  performance 

Addressing  evolving  needs  and  solution 
options 
ISE Enterprise Architecture Options

Confederated

- No common program oversight

- No binding interoperability specifications

- Changes in requirements and interfaces are not reported and no other program approval is requested

- Geographically dispersed systems

- Uncommon data formats and standards

- No common certification method

Federated

- Independent programs communicating to deliver a service

- Usually have synchronized procurement processes

- Largely defined by and "held together" by standards

- Coordination at different stages of implementation

- Synchronized requirements/development changes

- Reciprocity in Certification and Accreditation

Unified

- Programs are centrally managed for a specific purpose

- Budgets are centrally controlled

- Systems maintain some measure of independence

- Each program's normal operational mode is in a subordinate relationship to the central purpose

- Requirement allocation between systems and programs is under centralized authority

- Centralized Certification and Accreditation
Levels of Federation

Determining the best level of Federation for Architecture implementation
Virtualization

Virtualization is a technique used to provide a certain kind of software implementation of a machine that executes programs, giving the impression of a physical machine environment

—  Full  Virtualization  provides  complete  simulation  of  the 
underlying  service  layers  where  any  software  capable  of 
execution  on  the  intended  hardware  can  be  run  in  the 
virtual  machine 

—  Other  Virtualization  methods  allow  only  certain  or 
modified  software  to  run  within  a  virtual  machine. 

Cloud  Computing  utilizes  the  concept  of  virtualization 
to  provide  remote  services  to  the  customers  over 
general  computing  infrastructure  while  appearing  to 
have  customized  services  to  each  user. 


Virtualization  of  CD  Assets 


Cross  Domain  as  a  Service 


• SLAs need to be established

•  Discover,  Publish  and  Subscribe 

•  Advantages 


-  Enablers  for  Enterprise  Architecture 

-  Better  load  balancing 


•  Issues: 


-  Susceptibility  to  DoS 

-  Network  Loading 

-  Increased  latency  when  network  loads  are  high 

-  Need  queuing,  priority  and  QoS  Algorithms 

- Certifications and accreditation

Approaches to Virtualization: Managed Co-location

•  Managed  collocation  is  often  referred  to  as  dedicated 
server  farms. 

•  When  using  this  form  of  service,  the  provider  has  a 
dedicated  server  that  is  preconfigured  to  certain 
specifications  with  selected  software  applications  on  it 
that  the  customer  can  use  within  limits. 

•  In  addition  to  this,  the  provider  generally  takes  the 
responsibility  of  providing  any  software  upgrades  to 
the  provided  applications  on  the  system  and  general 
maintenance  such  as  reboots,  hardware  issues  and  any 
backups  they  may  include. 

The  typical  cloud  implementation  utilizes  managed  co-location  approaches. 
Approaches to Virtualization: Unmanaged Co-location

•  Customers  are  required  to  provide  their  own  hardware  and 
manage  all  of  the  hardware  and  software  on  their  own. 

—  This  allows  for  much  greater  flexibility  in  what  can  be  done 
but  has  the  drawback  of  more  work  by  the  customer. 

•  Of  course,  as  a  customer  you  are  still  bound  to  the  service 
agreements  of  the  provider. 

—  Most  collocation  providers  will  have  clauses  that  disallow 
certain  things  from  being  hosted  on  the  server.  These 
items  typically  include  services  which  generate  a  large 
amount  of  network  traffic  and  can  cause  severe  problems 
for  the  provider. 


When  the  technical  requirements  of  running  the  server  require  applications  that 
are  not  supported  by  the  provider  or  you  want  to  have  more  control  over  the 
configuration  and  use  of  the  server,  unmanaged  collocation  is  typically  the  best 
choice. 
Cloud Definition

Cloud computing is utilizing resources as a service over an intranet or the Internet to provide dynamically scalable computing or storage services.

Cloud computing services often provide common applications that are accessed from a remote location, where the software is stored on the servers and data is sent to the servers from the user location.

Users  need  not  have  detailed  knowledge  of  or  control 
over  the  technology  infrastructure  in  the  "cloud"  that 
supports  them. 
Conceptual Cloud Model for Multi-Domain Environment

[Figure: Conceptual Cloud Computing model for Inter-Domain Data Sharing]
Virtualization and Clouds


Due  to  the  continuous  increase  in  demand  for  processing  and  storage, 
system  designers  are  always  looking  for  architectures  and  algorithms  to 
process  data  quicker  than  currently  possible  with  available  resources. 

The  cloud  approach  attempts  to  assemble  very  large,  powerful  systems 
consisting  of  many  small,  inexpensive  commodity  components 

-  Pro:  Component  systems  tend  to  be  much  less  costly  than  a  single,  faster 
machine  with  comparable  capabilities. 

-  Pro:  Resources  are  available  and  underutilized 

-  Con:  The  component  resources  are  already  consuming  power,  Space  and 
producing  heat 

-  Con:  Increased  data  exposure  over  datalink 

-  Con:  Prioritization  of  tasks  over  resources  presents  a  challenge 

-  Con:  Software  challenges  are  prevalent  in  this  environment  because  writing 
software  that  can  take  full  advantage  of  the  aggregate  computing  power  of 
many  machines  is  far  more  difficult  than  adopting  software  for  a  single  faster 
machine 

TASC 


The  Framework 


Information Sharing between services and agencies is done utilizing Point-to-Point systems

The  Information  Sharing  mandate  requires  all  information  that  can  be  shared 
to  be  made  available  to  the  agencies 

There  is  a  need  to  share  with  coalition  members 

Need  to  develop 

-  A  publish  and  subscribe  architecture 

-  Automated  discovery  services 

-  A  risk  identification  and  mitigation  plan  to  include  cost  of  information  exposure 

-  A  high  level  gap  analysis  identifying  weaknesses  in  current  architecture,  auditing  and 
authentication. 

-  Order  of  Magnitude  Cost  and  timeline  of  fulfilling  the  needs 
Analysis Objectives

•  Candidate  Systems  identified  and  potential  threats  classified 

•  Security  priorities  assessed 

•  Gap  analysis  between  current  system  and  desired  state 

-  Are  the  basic  technologies  available  to  develop  needed  capabilities? 

-  Is  the  data  protected  at  every  point  from  which  it  can  be  accessed? 

-  Has  it  adequately  protected  the  network  against  previous  attacks? 

•  Identify  the  Enterprise  Boundaries 

-  How  many  security  domains  are  within  the  Enterprise? 

-  Does  the  Enterprise  allow  low-to-high  and  High-to-low  Transfers? 

-  Does  the  Enterprise  allow  High  to  Low  Access? 

-  What  other  accesses  does  the  Enterprise  allow? 

-  Does  the  Enterprise  connect  to  international  destinations? 

-  Do  the  laws  in  the  international  destination  differ  about  protecting  data? 

• Does the current security system meet or exceed industry and government requirements?

• Attain cost estimate requirements as a baseline for the design phase
Design Objectives


Work  with  stakeholders  to  finalize  prioritized  Enterprise  security  requirements 


Develop  Operational  Build  Plan  to  Satisfy  Requirements  using  agile  design  methods 
Assess  the  attack  points  where  potential  threats  are  possible 


-  Penetration  tests  that  simulate  attacks  on  the  Enterprise  can  help  locate  vulnerabilities 

-  Don't  forget  the  Insider  threat 


Develop  and  socialize  physical  threat  policies 

Identify  any  Virtualization  Architectures  that  are  appropriate 

Architect  a  Multi-level  secure  system  that  covers  all  pillars  of  an  ISE  to  include  Intrusion 
detection/  prevention 

-  Ensure  that  IDS  monitors  all  possible  points  of  entry  and  also  all  sensitive  points  inside  the  network 

-  Ensure  that  you  devise  systems  that  cover  users  that  try  to  access  data  above  their  cleared  level 

- When a suspicious pattern is observed, ensure that the system shuts down all data flows to the suspect part of the storage network and alerts the security managers of possible exposure

-  Tag  all  data 


Identify  the  authentication  and  auditing  software 

-  Ensure  Authentication  and  auditing  software  are  interoperable  with  coalition 


Ensure  the  availability  of  secure  backup  and  remote  data  recovery  measures  are  appropriate 
Develop  the  training,  certification  and  reporting  procedures 
-  These  procedures  must  be  observed  by  all  personnel  accessing  the  secure  data 

Testing/certification  procedures  for  incremental  builds  and  connection  to  external 
enterprises  are  developed 
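
The following added example (not part of the original slides) shows one way the intrusion-detection bullets above fit together: every object carries a tag, attempts to read above the user's cleared level are denied and counted, and repeated attempts isolate the affected storage segment and raise an alert. The level names, threshold, event fields and sample records are constructed assumptions.

```python
from collections import Counter

# Assumed ordering of clearance and data levels (not named on the slides).
LEVELS = {"LOW": 0, "HIGH": 1}
# Assumed threshold: denied attempts by one user on one segment before isolation.
THRESHOLD = 3


def monitor(events, clearances, tags):
    """Replay access events; return (decisions, alerts, isolated segments).

    events:     (user, object_id, segment) tuples in time order
    clearances: user -> level
    tags:       object_id -> level (every object is expected to be tagged)
    """
    denied = Counter()
    isolated, decisions, alerts = set(), [], []
    for user, obj, segment in events:
        if segment in isolated:
            decisions.append("DENY-ISOLATED")  # all flows to the segment are down
            continue
        # Untagged data and unknown users are treated as above-clearance access.
        need = LEVELS.get(tags.get(obj), max(LEVELS.values()) + 1)
        have = LEVELS.get(clearances.get(user), -1)
        if have >= need:
            decisions.append("ALLOW")
            continue
        decisions.append("DENY")
        denied[(user, segment)] += 1
        if denied[(user, segment)] >= THRESHOLD:
            isolated.add(segment)
            alerts.append(f"segment {segment} isolated: {user} made "
                          f"{THRESHOLD} attempts above cleared level")
    return decisions, alerts, sorted(isolated)


# Constructed sample data for illustration.
SAMPLE_CLEARANCES = {"alice": "HIGH", "bob": "LOW"}
SAMPLE_TAGS = {"doc1": "LOW", "doc2": "HIGH", "doc3": "HIGH"}
SAMPLE_EVENTS = [
    ("bob", "doc1", "segA"),
    ("bob", "doc2", "segB"),
    ("alice", "doc2", "segB"),
    ("bob", "doc3", "segB"),
    ("bob", "doc2", "segB"),
    ("alice", "doc3", "segB"),
]
```

Isolation fails closed for everyone, including cleared users such as alice in the last sample event, so the threshold trades availability for containment and should be set with that in mind.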


Deployment  Objectives 

Ensure Physical Security in deployment location is adequate
Ensure  all  personnel  are  only  allowed  access  to  their  required  clearance/access  level 
Ensure  that  fused  data  gets  evaluated  prior  to  placing  it  on  the  network 


Ensure  that  appropriate  auditing,  authentication,  physical  security  and  encryption  strategies  as 
specified  in  design  phase  are  implemented  appropriately 

Testing  completed 

-  Check  of  compliance  with  test  scripts  recommended  in  design  phase 

-  Perform  integrity  tests 

-  Verify  system  behaves  as  expected 

Ensure  that  Training  is  completed  prior  to  activation 

-  Develop  training  materials 

-  Develop  rules,  regulations  and  clear  penalties  for  violations 

-  All  users  and  managers  must  be  trained,  certified  and  informed  of  any  changes  in  policies 

Ensure that the management processes and procedures are compliant with the overall enterprise security requirements

- Remember... The Enterprise is as secure as its weakest link


Continuous  testing  requirements 

-  Ensure  that  metadata  is  being  utilized  correctly,  and  restrictions  are  non-bypassable 

-  Periodically  Audit  data  to  detect  any  unauthorized  modification  or  destruction  of  information  and  ensure  the  integrity  of 
the  network 

-  Regularly  scan,  test  and  audit  Enterprise  activities 

-  Record  all  user  activities  and  review  on  a  regular  basis  to  determine  any  inconsistencies 

Ensure  that  Security  rules  and  procedures  are  updated  to  meet  the  current  threat 
Enterprise Security Management Trends

- ESM Today: Rigid where assets are managed based on prior policy
  Proposed ESM: Flexible where reconfiguration is possible to support the evolving mission

- ESM Today: Static where planning is done prior to mission and the operational criteria is set
  Proposed ESM: Dynamic where the enterprise adapts to mission and tempo

- ESM Today: Stovepipe with interface adapters/translators and encapsulated messages
  Proposed ESM: Federated where components are independent but support interoperability

- ESM Today: Secure where security needs are set and the evolving mission might require changes or suffer
  Proposed ESM: Assured where risk and access are balanced

- ESM Today: Manpower Intensive where management is physically distributed and manually performed
  Proposed ESM: Transparent where speed of reconfiguration enables the changing mission
What Does the Community Need

Investigate 

• What type of virtualized architecture is most appropriate for the CD systems (local clouds, global clouds, unmanaged co-location, managed co-location, ...)?

• How do we deal with an enterprise that has virtualized components that span across a cloud (i.e., cloud resources on more than one domain, or user and clouds on different domains, or ...)?

• How do we deal with the classification level when the data fusion or processed data within the cloud delivers higher classification than the input?

• Can we get the certification authorities to update their standards and methods to accommodate this new technology in time?

• Can we develop a cost model that follows commercial service providers, where the provider assumes all costs of the operations, gets paid for the services, and is accountable for delivering QoS according to an SLA?

•  Identity  and  Privilege  management  across  the  clouds 

•  Crypto  Binding  Advantages  and  Issues  with  propagation 
Acronyms

•  APP  =  abbreviation  for  application 

•  BPM  =  business  process  management 

•  CD  =  cross  domain 

•  COI  =  community  of  interest 

•  DoS  =  denial  of  service 

•  IP  =  internet  protocol 

•  ISE  =  information  sharing  environment 

•  QoS  =  quality  of  service 

•  SLA  =  service  level  agreement 

•  SOA  =  service-oriented  architecture 

•  VOIP  =  voice  over  internet  protocol 